Unrated severityNVD Advisory· Published Jul 22, 2024· Updated Mar 19, 2025

pz-frontend-manager < 1.0.6 - CSRF change user profile picture

CVE-2024-6244

Description

The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/Wc Frontend Managercpe-rescue
Package: https://wordpress.org/plugins/wc-frontend-manager
PZ Frontend Manager WordPress plugin/PZ Frontend Managerllm-create
Range: <1.0.6

Patches

Vulnerability mechanics

References

wpscan.com/vulnerability/73ba55a5-6cff-40fc-9686-30c50f060732/mitreexploitvdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000